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physical address via a shipper (106) while preserving customer privacy. In accordance with an embodiment, an order is received 
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SYSTEM. METHOD, AND ARTICLE OF MANUFACTURE 



FOR SHIPPING A PACKAGE PRIVATELY TO A CUSTOMER 



RELATED APPLICATIONS 



[001] This application claims the benefit of U.S. Provisional Patent 
Application No. 60/212,596, filed June 19, 2000, and U.S. Provisional Patent Application 
No. 60/232,430, filed September 14, 2000. The contents of the two aforesaid 
applications are hereby incorporated by reference. 



Field of the Invention 

[002] The present invention relates generally to shipping a package to a 
customer and, more particularly, to a system, method, and article of manufacture for 
shipping a package privately to a customer, so that the sender does not learn the 
recipient's identity. 

Background Information 

[003] In recent years, online networks, such as the Internet, have experienced 
explosive growth and success because they provide a user (e.g., a customer) with the 
ability to access a vast array of resources (e.g., information) and to buy a product 
remotely (e.g., from the user's home). The Internet and more specifically, the World 
Wide Web ("Web") is a distributed network that includes web servers and web clients. 
Web servers are software applications that support common protocols, such as Hypertext 
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Transport Protocol (HTTP). Moreover, these web servers make documents, such as 
documents in hypertext mark up language (HTML), and other resources available to 
users via web sites. Each web site may include a plurality of web pages and may be 
identified by a unique address called a Uniform Resource Locator (URL). Web clients 
include software applications, such as a browser, which a user uses to access a web page, 
for example. 

[004] As a result of the Internet, many merchants who have a physical 
presence (e.g., a store in a mall) also have created web sites to sell the products they offer 
over the Internet. In addition, many new merchants have created web sites to sell their 
products only over the Internet and not in a physical store. To buy a product from these 
merchants, a customer may visit the merchant's web site, select the products that the 
customer wants to buy, and provide certain information (e.g., name, address, and 
financial information) to the merchant. After the merchant verifies the customer's 
information, the merchant may send the product to the customer via a shipper (e.g., 
United States Postal Service (USPS), Federal Express, and United Postal Service (UPS)). 

[005] To provide convenience to the customer, some web sites also create 
accounts for their customers so that the customers do not have to reenter their information 
every time the customers shop with that merchant. The merchant also may assign a user 
name and/or password, for example, to each customer who opens an account with them. 
Then, instead of providing their information every time, the customer may only need to 
provide a user name and/or password, for example, to logon to the merchant web site and 
to purchase products from the merchant 
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[006] Despite the convenience and advantages provided by such web sites, 
there are several drawbacks. One drawback is that many customers are hesitant in 
providing their personal information (e.g., name and address) to merchants because they 
are afraid that unknown third parties may intercept their personal information en route or 
that the merchant may sell their information to unknown third parties. Such customers 
may want to remain anonymous, either entirely or partially. 

[007] In addition, many customers may not want to receive unwanted offers 
(e.g., sales calls or literature) from merchants who send such offers to customers after a 
customer has purchased a product from the merchant. 

[008] Furthermore, if a merchant web site does not create an account for a 
customer, the customer may need to reenter his or her personal information each time the 
customer visits the merchant web site, a task that may be time consuming and 
inconvenient. On the other hand, if a merchant web site does create an account for a 
customer, the customer may not remember the logon information (e.g., user name and 
password) that the merchant assigned to the customer when the customer initially 
established the account with the merchant To remember the logon information, some 
customers may write the logon information on a piece of paper. This can result in 
unauthorized persons obtaining the information necessary to make unauthorized 
purchases on the customer's account. 

[009] Moreover, with the increase in the number of merchants offering 
products on the Internet, establishing accounts with each merchant that the customer 
purchases products from may be a time consuming and inconvenient task. 



3 



WO 01/99005 PCT/US01/19384 

SUMMARY OF A FEW ASPECTS OF THE INVENTION 
[010] Methods and systems consistent with the present invention facilitate in 
sending a package to a customer at a physical address via a shipper while preserving 
customer privacy. la accordance with an embodiment, an order is received from the 
customer. The order may include a unique identifier corresponding to the customer. A 
package is sent to the shipper in fulfillment of the order, the package including the unique 
identifier. Then, the customer's physical address is derived from the unique identifier 
and the package is delivered from the shipper to the customer's physical address. The 
unique identifier may be the customer's account number, a random number, or a barcode. 

[011] Methods and systems consistent with present invention may include a 
merchant computer, shipping computer, and payment computer to ship a package 
privately to the customer. The merchant computer may receive a purchase request for a 
product from a customer. The merchant computer may in turn send to a payment 
computer, an electronic token corresponding to a customer account and a purchase 
amount corresponding to the purchase request. In addition, a validation request to verify 
the electronic token may be sent to a shipping computer. The shipping computer may 
verify the electronic token. After verification, the electronic token is converted into 
shipping label information, wherein the shipping label information includes neither a 
name nor the physical address of the recipient The shipping label information is then 
sent to the merchant computer. In addition, a first label with the shipping label 
information is printed at the merchant computer. The first label is affixed to the package 
containing the product and the package is sent to the shipper. The shipper retrieves a 
name and a physical address of the customer using the shipping label information, places 
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a second label that includes the name and physical address on the package, and delivers 
the package to the customer. 

[012] Both the foregoing and the following description are exemplary and 
explanatory and are intended to provide further explanation of the claimed invention as 
opposed to limiting it in any manner. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[013] The accompanying drawings are incorporated in and constitute a part of 
this specification, and together with the description, explain the principles of the 
invention. In the drawings: 

[014] FIG. 1 is a block diagram of an exemplary system consistent with the 
present invention; 

[015] FIG. 2 is a block diagram of an exemplary client computer consistent 
with the present invention; 

[016] FIG. 3 is a block diagram of an exemplary registration system consistent 
with the present invention; 

[017] FIG. 4 is a block diagram of an exemplary shipping computer consistent 
with the present invention; 

[018] FIG. 5 is an exemplary flowchart illustrating the registration process, in 
accordance with methods and systems consistent with the present invention; 

[019] FIG. 6 is an exemplary flowchart illustrating the purchase process, in 
accordance with methods and systems consistent with the present invention; 

[020] FIG. 7 is an exemplary diagram of a shipping label used by a merchant, 
in accordance with methods and systems consistent with the present invention; and 
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[021] FIG. 8 is an exemplary block diagram of the various shipping methods 
available through USPS, in accordance with systems and methods consistent with the 
present invention. 

DETAILED DESCRIPTION 

[022] The following detailed description of the invention refers to the 
accompanying drawings. While the description includes exemplaiy embodiments, other 
embodiments are possible and changes may be made to the embodiments described 
without departing from the spirit and scope of the invention. The following detailed 
description does not limit the invention. Instead, the appended claims and their 
equivalents define the scope of the invention. 

[023] Methods and systems consistent with the present invention provide an 
electronic account to each customer on a network. In accordance with an embodiment of 
the present invention, a customer may use a registration system to establish an account 
with a shipper (e.g., USPS). To establish an account, the customer may provide the 
required information (e.g., name, address, and financial information) to the registration 
system. 

[024] Moreover, during account establishment, the shipper may assign logon 
information (e.g., logon information) and provide a digital certificate to the customer. In 
addition, during account establishment, if the customer does not already have an account 
with the payment company, the customer may also establish an account with a payment 
company. Then, when the customer wants to purchase a product from a merchant's web 
site, the customer may logon to a network (e.g., the Internet) using his or her computer. 
Using the browser on his computer, the customer may visit the shipper's web site to 
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obtain an electronic token. To establish the customer's identity, the shipper's web site 
may prompt the customer for the logon information and the digital certificate, both of 
which were provided to the customer during account establishment. 

[025] After obtaining the token, the customer may visit the merchant's web site 
and select the product that the customer wants to purchase. Once the customer has 
selected the product, the merchant website may redirect the customer's browser to the 
payment company's web site along with the electronic token and transaction information 
(e.g., total purchase amount). 

[026] The payment company's web site may, in turn, send the electronic token 
to the shipper's web site for validation. Once the shipper's web site has verified the 
token, the shipper's web site may provide validation and information for a shipping label 
to the payment company's web site. This label information may include a unique 
identifier, for example, a random number or a barcode, to identify the customer, but may 
not include the customer's name or address information. Upon receiving the verification 
and label information, the payment company's web site may charge the customer's 
account for the amount of the transaction and provide the label information to the 
merchant The merchant may in turn print the label information on a label, affix the label 
to a package, and send the package to the shipper. 

[027] Once the shipper receives the package, the shipper may read or scan the 
label to determine the customer's name and address, apply a new label that has the 
customer's name and address to the package, and ship the package to the customer. 
Accordingly, in this embodiment, the customer's information remains anonymous from 
the merchant. 
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[028] FIG. 1 is a block diagram of an exemplary system 100 consistent with the 
present invention. System 100 may include one or more client computers 102, a 
registration system 104, a shipping computer 106, a payment computer 108, a merchant 
computer 110, and a delivery computer 1 12, all of which may be interconnected via a 
network 114. 

[029] Each client computer 102 may include a computer or any other processor 
capable of communicating with other computers (e.g., merchant computer 110) and 
displaying information. The client computer may be located at a customer's home. 

[030] Registration system 104 may include one or more computers capable of 
communicating with other computers (e.g., merchant computer 1 10) and displaying 
information. Registration system 104 may obtain personal information (e.g., name, 
address, financial information) to establish an account for a customer and may assign an 
account number to the customer. Registration system 104 also may assign logon 
information (e.g., user name and/or password) to a customer. In addition, registration 
system 104 may be connected to a certificate authority so that a digital certificate can be 
provided to a customer upon account establishment 

[03 1] Registration system 104 may also send customer's information to shipping 
computer 106 and payment computer 108. Moreover, in one embodiment, registration 
system 104 may create an electronic token for a customer. An electronic token may be 
an encrypted data structure, customer's account number, or a random number. The 
electronic token may have certain options associated with it to provide security. For 
example, the electronic token may only be used a certain number of times or for a certain 
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amount of time before it expires. Registration system 104 maybe owned and/or 
maintained by a shipper. 

[032] In accordance with an embodiment of the present invention, registration 
system 1 04 may be the registration system disclosed in U.S. patent application number 
09/809,328 ("'328 application"), filed March 16, 2001, which is hereby incorporated by 
reference. 

[033] Shipping computer 1 06 may include a computer or any other processor 
capable of communicating with other computers (e.g., payment computer 108) and 
displaying information. Shipping computer 106 may receive customer information from 
registration system 104. In addition, shipping computer 106 may generate an electronic 
token for a customer and validate the electronic token for a payment company. 

[034] Shipping computer 106 may also provide shipping label information that 
is placed on a package by a merchant The shipping label information may include, for 
example, a random number, a customer's account number, or a barcode associated with a 
customer, so that the customer's identity remains hidden from the merchant In one 
embodiment, the barcode associated with the customer may include three digits to 
identify the zone of the delivery address for zone pricing purposes. In another 
embodiment, the shipping label information may also include a barcode representation or 
a number representation of the re-labeling location. 

[035] Shipping computer 106 also may provide delivery label information to 
delivery computer 1 12 so that a package received from a merchant may be delivered to a 
customer. The delivery label information may include, for example, a customer's name 
and address. Shipping computer 106 also may be owned and/or maintained by a shipper. 



9 



WO 01/99005 




PCT7US01/19384 



[036] Payment computer 108 may include a computer or any other processor 



capable of communicating with other computers (e.g., merchant computer 110) and 



displaying information. Payment computer 108 may receive a transaction from a 
merchant computer 110, may charge the customer's account for the amount of the 
transaction, and provide the merchant with payment confirmation. In addition, payment 
computer 108 may send a customer's electronic token to shipping computer 106 for 
validation. In one embodiment, payment computer 108 may receive a validation of the 
customer's electronic token along with shipping label information from shipping 
computer 1 06 and may send the shipping label information to merchant computer 110. In 
another embodiment, payment computer 108 may receive a validation of the customer's 
electronic token from shipping computer 106, generate shipping label information, and 
may send the shipping label information to merchant computer 110. In this embodiment, 
payment computer 108 may also send the shipping label information to shipping 
computer 106 so that the shipping label information may be converted to delivery label 
information. 

[037] Payment computer 108 may be owned and/or maintained by a financial 
institution (e.g., American Express and other credit card companies) or any company that 
provides a customer with the ability to mask his or her real identity from a merchant. 

[038] Merchant computer 110 may include a computer or any other processor 
capable of communicating with other computers (e.g., payment computer 108) and 
displaying information. Merchant computer 110 may offer products to a customer via 
network 114 and client computer 102. After a customer selects the product(s) he or she 
wants to purchase, merchant computer may send the customer's transaction information 
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(e.g., purchase amount for the product(s)) and electronic token to payment computer 108 
for processing. In addition, a merchant may use merchant computer 1 10 to receive 
shipping label information from payment computer 108, print a label with the shipping 
label information, affix the label to a package containing the product purchased by the 
customer, and send the package to a shipper for delivery to the customer. 

[039] Delivery computer 1 12 may include a computer or any other processor 
capable of communicating with other computers (e.g., shipping computer 106) and 
displaying information. Upon receipt of a package from a merchant, the shipper may use 
delivery computer 1 12 to read the shipping label information affixed on the package and 
request the delivery label information from shipping computer 106. Once the delivery 
label information is received from the shipping computer 1 06, the shipper may print a 
label with the delivery label information, affix the label to the package, and deliver the 
package to the customer. Delivery computer 1 12 may be owned and/or operated by the 
shipper or a third party. 

[040] Network 1 14 may be a single or a combination of any type of computer 
network, such as a Local Area Network (LAN) or a Wide Area Network (WAN). For 
example, network 1 14 may comprise an Ethernet network operating according to the 
IEEE 802.3 standard. In addition, network 1 14 may be a combination of public (e.g., 
Internet) and private networks. For example, client computer 102, payment computer 
108, and merchant computer 1 10 maybe connected to each other and to registration 
system 104, shipping computer 106, and delivery computer 1 12 via the Internet. 
However, registration system 104, shipping computer 106, and delivery computer 1 12 
may be connected to each other via a LAN. 
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[041] Other system and network configurations will be apparent to those 
skilled in the art from the foregoing and following description, and thus, are also within 
the scope of the present invention. For example, it will be apparent to one skilled in the 
art that a single computer may perform the tasks performed by registration system 104, 
shipping computer 106, and delivery computer 112. Similarly, it will be apparent to one 
skilled in the art that system 100 may include multiple shipping computers 106, payment 
computers 108, merchant computers 1 10, and delivery computers 1 12. 

[042] FIG. 2 is a block diagram of an exemplary client computer 1 02 
consistent with the present invention. As shown, client computer 102 may include 
browser 202, output device 204, processor 206, memory 208, communications device 
210, input device 212, and other software and data storage 214. 

[043] Browser 202 may include a conventional software application, such as 
NETSCAPE NAVIGATOR or INTERNET EXPLORER, for issuing HTTP requests to 
other computers (e.g., merchant computer 110). For example, browser 202 may request a 
specific web page or ask other computers (e.g., merchant computer 1 10) to perform a 
database query. Browser 202 also may read HTML codes embedded in the web pages 
received from the various servers to determine how, where, and in what colors and fonts 
the elements on the web pages must be displayed. In another embodiment, if cellular 
phones* are used as client computers 102, a WAP-compatible micro-browser may be used 
as the browser 202. Id still another embodiment, encryption capability may be included 
in browser 202. 

[044] Output device 204 may include a device that displays information to 
users. In addition, client computer 102 also may include processor 206 and/or memory 
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208. The processor 206 may control the components of client computer 102 and assist in 
processing requests received from other components. The memory 208 may include 
ROM (Read Only Memory) and/or RAM (Random Access Memory). 

[045] Client computer 102 also may include communications device 210 that 
may include an interface device for transmitting information from client computer 102 to 
network 110 and for receiving information that is addressed to client computer 102 from 
network 114. For example, communications device 210 may be a network interface card 
or a modem. In one embodiment, when sending information, communications device 
210 may break the information into packets that are sent across a TCP/IP network 1 10 to 
the various servers. In addition, communications device 210 may check for errors in 
transmission using, for example, cyclical redundancy check ("CRC"). 

[046] Input device 212 may include a device that is used for receiving input 
from a user. For example, input device 212 may include a keyboard, a keypad, and/or a 
pointing device (e.g., a mouse or a trackball). A keypad may comprise a conventional 
alphanumeric or numeric key entry device. Client computer 102 also may include other 
software and data storage 214, such as an operating system. 

[047] It will be apparent to one skilled in the art that client computer 1 02 may 
include some or all the components shown in FIG. 2. Moreover, it will be apparent to 
one skilled in the art that on-site client computer 102 may include additional components 
not shown in FIG. 2. For example, client computer 102 may include a printer device to 
print, for example, information received from other computers. 

[048] FIG. 3 is a block diagram of an exemplary registration system 104 
consistent with the present invention. As shown, registration system 104 may include an 
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application server 302, a web server 304, a database server 306, and a database 308. 
Registration system 104 also maybe connected a digital certificate authority 310 for 
additional security. 

[049] Application server 302 may include software tools to generate dynamic 
content and execute applications for registration system 104. For example, application 
server 302 may include software that processes logic and instructions to support 
registration system 104, token generation and validation software to generate an 
electronic token for a customer, account number generator software to generate an 
electronic account number for a customer, and certificate software to construct and 
submit requests to digital certificate authority 310 and to retrieve customer's digital 
certificate from digital certificate authority 310. 

[050] Web server 304 may process HTML requests to enable communications 
with other computers (e.g., customer computer 102) and may provide data to application 
server 302 and database server 306. Database server 306 may process all 
communications with database 308. Database 308 may store customer information 
provided by the customer during registration. 

[05 1] As shown in FIG. 3, registration system 104 also may be connected a 
digital certificate authority (CA) 310. During registration, registration system 104 may 
request digital certificate authority 310 to generate a digital certificate for a customer. 
The request may include, for example, a public key and information provided by 
customer during registration process. 

[052] The certificate authority 310 may issue an encrypted digital certificate 
containing a customer's public key and a variety of other identification information. The 
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digital certificate can be, for example, a well-known CUL'JLT X.500 Section 509 Version 3 
certificate. The certification authority 310 may make its own public key available 
through print or perhaps on the Internet The recipient of an encrypted message may use 
the CA's public key to decode the digital certificate attached to the message, verify the 
digital certificate as issued by the certificate authority 310, and then obtain the sender's 
public key and identification information held within the certificate. With this 
information, the recipient can send an encrypted reply. 

[053] Although not shown, it will be apparent to one skilled in the art that 
registration system 104 may include one or more computers that include a processor, 
memory, a communications device (e.g., network interface card), an output device (e.g., 
monitor), input device (e.g., keyboard and pointing device), and network operating 
system. The network operating system may process requests received from other 
computers, monitor network hardware and software, coordinate communication in the 
network, and provide transaction security. 

[054] FIG. 4 is a block diagram of an exemplary shipping computer 106 
consistent with the present invention. As shown, shipping computer 106 may include an 
application server 402, a web server 410, a database server 412, and a database 414. 

[055] Application server 402 may include software tools, such as application 
server software 404, token generation and validation software 406, and token conversion 
software 408, to generate dynamic content and execute applications for shipping 
computer 106. Application server software 404 may process logic and instructions to 
support shipping computer 106. For example, application server 402 may authenticate a 
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customer when the customer desires to access his or her data or obtain an electronic token 
from shipping computer 106. 

[056] Token generation and validation software 406 may generate an 
electronic token for a customer and the token conversion software 408 may convert a 
token into shipping label information. Web server 410 may process HTML requests to 
enable communications with other computers (e.g., payment computer 108) and may 
provide data to application server 402 and database server 412. 

[057] Database server 412 may process all communications with a database 
414. Database 414 may include customer information provided by registration system 
104. Although not shown, it will be apparent to one skilled in the art that shipping 
computer 104 may include a processor, memory, a communications device (e.g., netwoik 
interface card), an output device (e.g., monitor), input device (e.g., keyboard and pointing 
device), and an operating system. 

[058] Moreover, it will be apparent to one skilled in the art from the foregoing 
and following description that shipping computer 106 may include some or all the 
components shown in FIG. 4. For example, in one embodiment, shipping computer 106 
may not include a database server or a database. Instead, shipping computer 106 may 
obtain the data from registration system 104. 

[059] Furthermore, although not shown, payment computer 108 and merchant 
computer 110 also may include some or all of the components that are included in 
shipping computer 106. For example, in one embodiment, both of these computers may 
include an application server to generate dynamic content and execute applications, a 
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web server to process HTML requests, a database server, and a database. Moreover, in 
one embodiment, payment computer 108 may include token conversion software. 

[060] Similarly, although not shown, it will be apparent to one skilled in the art 
that delivery computer 112 may include some or all of the components that are included 
in client computer 102. In one embodiment, a shipper may use the browser on delivery 
computer 1 12 to request delivery label information from the shipping computer 106. In 
another embodiment, instead of a browser, delivery computer 112 may include 
application software for requesting delivery label information from the shipping 
computer 106. 

[061] FIG. 5 is an exemplary flowchart illustrating the registration process, in 
accordance with methods and systems consistent with the present invention, such as the 
system illustrated in FIG. 1 . A customer at a client computer 1 02 may connect to 
network 114 and request the web page associated with the registration process, for 
example, by entering the web page's URL in his or her browser (stage not shown in 
Figure). Registration system 104 may receive the request from the customer (stage 502) 
and may prompt the customer for registration information (stage 504). The registration 
information may include customer name, physical address, e-mail address, telephone 
number, financial information, and a request for an account 

[062] If the customer already has an account with a payment company, then 
the financial information may include information regarding that account (e.g., account 
number). If the customer does not have an account with a payment company, the 
financial information may include the required information to establish an account with 
the payment company. 
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[063] Upon receiving the requested information from the customer, registration 
system 104 may create an account for the customer and store the customer's information 
in database 308 (stage 508). During account creation, the account number generator 
software may generate a unique account number for the customer. In addition, in one 
embodiment, logon information (e.g., user name and/or password) may be created by 
registration system 104 so that the customer can logon to registration system 104 or 
shipping computer 106. In another embodiment, the customer may be prompted to select 
the logon information. In still another embodiment, during account creation , registration 
system 104 may request a digital certificate from digital certificate authority 310. 

[064] Moreover, in one embodiment, during account creation, the token 
generation and validation software may generate an electronic token for use by the 
customer during the purchasing process. 

[065] Once an account has been created, the financial information is sent to 
payment computer 108 and deleted from database 308 (stage 508). In another 
embodiment, however, the financial information may not be deleted from database 308. 
In this stage, the payment computer 108 also maybe provided with the shipping 
computer's information (e.g., IP address) so that the payment computer 108 may send 
token validation and conversion requests to snipping computer 106 during the purchasing 
process. 

[066] After account creation, registration system 1 04 may also send logon 
information to database 414 of shipping computer 106 so that the shipping computer can 
receive and process requests received from client computer 102 (stage 510). In one 
embodiment, registration system 104 may also send customer address information and 
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account number to shipping computer 106 so that the shipping computer 106 does not 
have to request such information from database 308 during the shipping process. 

[067] Finally, registration system 104 may provide the customer with a 
confirmation indicating that the customer's account has been created successfully (stage 
512). In this stage, if a digital certificate was created, the digital certificate is provided to 
the customer. Similarly, if the logon information was generated by registration system 
104, the customer is provided with the logon information. The account establishment 
process is complete once the customer is provided with a confirmation. 

[068] It will be apparent to one skilled in the art that many modifications may be 
made to the process shown in FIG. 5 without departing from the scope of the invention. 
For example, registration system 104 may provide the customer with confirmation before 
sending customer information to payment computer 108 or shipping computer 106. 

[069] Moreover, it will be apparent to one skilled in the art that other account 
establishment processes may be used or that the process shown in FIG. 5 may be 
combined with other account establishment processes. For example, the account 
establishment process disclosed in the '328 application may be used to establish an 
account for a customer or the process shown in FIG. 5 may be combined with the account 
establishment process disclosed in the '328 application. 

[070] Once a customer has established an account, the customer may purchase 
products from a merchant web site. FIG. 6 is an exemplary flowchart illustrating the 
purchase process, in accordance with methods and systems consistent with the present 
invention. A customer may use client computer 102 to connect to network 114 and logon 
to shipping computer 106 (stage 602). When logging onto the shipping computer 106, 



19 



WO 01/99005 ~ PCT/US01/19384 

the shipping computer may request logon information from the customer and compare it 
with the information in database 414. If the logon information provided by the customer 
matches the one in database 414, the customer is authenticated. If the logon information, 
on the other hand, does not match the information in database 414, then shipping 
computer 1 06 may request the customer to reenter the logon information. The customer 
may be given a certain number of tries (e.g., three tries) before shipping computer 106 
instructs the customer to contact the administrator of the shipping computer 106 to 
resolve the authentication problems. 

[071] In one embodiment, during the logon process (stage 602) the shipping 
computer 106 may also check the digital certificate provided to the customer during the 
account establishment process to authenticate the customer. 

[072] Once logged into shipping computer 1 06, the customer may request an 
electronic token from shipping computer 106 (stage 604). Token generation and 
validation software 406 may either generate an electronic token or request registration 
system 104 to generate an electronic token. The electronic token may also be stored in 
the customer's account 

[073] Once the token has been generated, the token may be provided to client 
computer 1 02 (stage 606). After obtaining the token, a customer may connect to 
merchant computer 110, for example, by typing in the merchant's web site address in his 
or her computer's browser. Typing in the address should take the customer to the web 
site hosted by the merchant computer 110. Once at the merchant computer 110, the 
customer may select the product or products he or she wants to purchase (stage 608). 
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[074] After selecting the products, merchant computer 110 may request the 
electronic token from the customer and may prompt the customer to select a payment 
method (stage 610). In response, the customer may provide the token to the merchant 
computer 110 and may select the method corresponding to the payment company that the 
customer wants to use (stage 612). 

[075] Next, merchant computer 110 may send the token along with the 
transaction information to payment computer 108 corresponding to the payment company 
selected by the customer (stage 614). The transaction information may include the total 
purchase amount and/or a description of the products the customer wants to purchase. 

[076] Payment computer 108 may in turn send the token to shipping computer 
106 for validation (616). Upon receiving a validation request from payment computer 
108, token generation and validation software 406 of shipping computer 106 may 
compare the token to the token stored in the customer's account (stage 61 8). If the token 
is encrypted, the shipping computer 106 may decrypt it before comparing it to the token 
stored in the customer's account 

[077] If the token is valid, the token conversion software 408 of shipping 
computer 106 may convert the token into shipping label information (stage 620) and send 
a response to payment computer 108 (stage 622). The response may include a 
verification indicating that the token is a valid token and shipping label information 
(stage 622). 

[078] Upon receiving a verification from shipping computer 106, payment 
computer 108 may charge the purchase amount to the customer's account (stage 624) and 
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may send the shipping label information along with payment confirmation information to 
merchant computer 110 (stage 626). 

[079] Next, merchant computer 110 may provide confirmation of the transaction 
to the customer (stage 628). Then, merchant computer 110 may print the shipping label 
information on a label (stage 630) and the merchant may affix the label on the package 
containing the customer's products. Finally, the merchant may send the package to the 
shipper (stage not shown in figure). After the package has been sent to the shipper, tiie 
purchase process is complete. 

[080] If, on the other hand, shipping computer 106 determines that the token is 
not valid, the token conversion software 408 of shipping computer 106 may send an error 
message to payment computer 108 indicating that the there was a verification error (stage 
634). Payment computer 108 may in turn send the error message to merchant computer 
110, which may display the message to the customer (stages 636 and 638). The customer 
may then either start the purchase process over again or retry depending on the preference 
of the merchant and/or the customer. 

[081] In the foregoing description, it was assumed that the customer conducted 
the purchase without closing his or her browser and thus, did not need to logon to the 
shipping computer 106 in stage 620. If the customer had closed the browser on client 
computer 102, then the customer would be requested to logon in stage 620. In another 
embodiment, shipping computer 1 06 may require the customer to provide the logon 
information again to provide more security. In still another embodiment, the token may 
be a unique token and thus the customer may not need to logon to shipping computer 106 
in stage 620. 
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[082] Moreover, although not shown in FIG. 6, one skilled in the art would 
readily understand that the customer would need to provide some identifying information 
to payment computer 108 so that the payment computer can charge the customer's 
account. In another embodiment, however, shipping computer 106 may provide the 
required identifying information to payment computer 108 along with the verification in 
stage 622. 

[083] Furthermore, it will be apparent to one skilled in the art that various 
modifications may be made to the process shown in FIG. 6 without departing from the 
scope of the invention. For example, in one embodiment, if the customer's account with 
the payment company is linked to a credit card, payment company 108 may send a 
request to the credit card company requesting that the purchase amount be charged to the 
customer's account in stage 624. hi another embodiment, the amount that is charged to . 
the customer's account may include the postage amount. The postage amount may be 
calculated by shipping computer 106 and may be sent to payment company 108 along 
with the verification in stage 622. In another embodiment, payment computer 108 may 
convert the token to shipping label information instead of receiving such information 
from shipping computer 106. 

[084] FIG. 7 is an exemplary diagram of a shipping label used by a merchant, in 
accordance with methods and systems consistent with the present invention. The 
shipping label may include a return address 702, evidence of postage and class of service 
704, shipping label information that may include a barcode 706 to identify the customer 
and a barcode 708 to identify the re-labeling location, both of which may be received 
from shipping computer 1 06, and an indication that the package has been authorized for 
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anonymous shipping and requires special handling (stage 710). As shown in FIG. 7, 
human readable digits may be included under both the barcodes 706 and 708. 

[085] Although the label shown in FIG. 7 includes barcodes to identify the 
customer and re-labeling information, in another embodiment, only the customer 
information may be included on a shipping label. 

[086] If the shipping label has re-labeling location information on it, the shipper 
may send the package to the location corresponding to the re-labeling location 
information. For example, if the re-labeling location corresponds to the customer's local 
post office, the shipper may send the package to the customer's local post office for re- 
labeling. If, on the other hand, the package does not contain re-labeling location 
information on it, the package may be sent to a branch specified by the shipper for 
receiving such packages and be re-labeled by the shipper at that location. 

[087] To re-label the package, the shipper may use delivery computer 1 1 2 to 
read information corresponding to the customer (e.g., bar code 706), which is part of the 
shipping label information on the package, and send this information to shipping 
computer 1 06 along with a request to convert the information to the delivery label 
information. Shipping computer 1 06 may convert the shipping information to the 
delivery label information and provide the delivery computer 1 12 with that information. 
In another embodiment, shipping computer 106 may send a request to registration system 
104 requesting that the shipping information be converted the delivery label information. 
The shipper then affixes a label with the delivery information on the package and ships 
the package to the customer. 



24 



WO 01/99005 PCT/US01/19384 

[088] Depending on the customer and/or shipper, the customer may be given the 
option of selecting one of many methods of delivering a package. FIG. 8 is an exemplary 
block diagram of the various shipping methods available through USPS, in accordance 
with systems and methods consistent with the present invention. As shown, a customer 
may select between three shipping methods: conventional delivery method 802, call 
depot method 804, or Mail Item Retrieval System (MIRS) 806. The customer may make 
such a selection, for example, in stage 612, in response to a merchant's prompt for a 
delivery method in stage 610. 

[089] The conventional delivery 802 method includes delivering the package the 
conventional way (e.g., street delivery or P.O. Box delivery). If the customer chooses the 
conventional delivery method, USPS may re-label the package at one of five different 
locations: delivery units 808, business mail entry units (BMEUs) 810, plants 812, 
computer forwarding service (CFS) forwarding units 814, or a third party relabeler 816. 
The re-labeling of the these packages at any of these five different locations may be 
performed, as described above. 

[090] If the customer chooses the call depot 804 method, the package would be 
sent to the customer's local post office or a designated post office near the delivery 
address. Instead of re-labeling the package in this method, the shipper would read or 
scan the shipping label information and mail the customer a notification indicating that 
USPS has received a package for the customer and that the customer may pick up the 
package at a designated location. The customer may then go to the designated location, 
present identification along with the notification to the shipper's representative, and 
receive the package. 
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[091] Similarly, if the customer chooses the MIRS 806 method, the package 
would not be re-labeled, but instead the package would be sent to a MIRS location near 
the delivery address. Instead of re-labeling the package in this method, the shipper would 
read or scan the shipping label information and mail the customer a notification 
indicating that USPS has received a package for the customer and that the customer may 
pick up the package at a designated location. Since MIRS allows customer to retrieve 
mail items at a self-service machine, the customer may go to the self-service machine at 
the designated location and retrieve the package. Before retrieving the package, 
however, the customer may need to provide authentication information that would have 
been previously provided to the customer by USPS. In one embodiment, MERS 806 
method may be based on the systems and methods disclosed in related U.S. patent 

application no. , entitled "Systems and Methods for Providing Mail Item 

Retrieval," filed on June 19, 2001, which is hereby incorporated by reference. 

[092] The above-noted features, other aspects, and principles of the present 
invention may be implemented in various system or network configurations to provide 
automated and computational tools for shipping a package privately to a customer. Such 
configurations and applications may be specially constructed for performing the various 
processes and operations of the invention or they may include a general purpose 
computer or computing platform selectively activated or reconfigured by program code to 
provide the necessary functionality. The processes disclosed herein are not inherently 
related to any particular computer or other apparatus, and may be implemented by a 
suitable combination of hardware, software, and/or firmware. For example, various 
general purpose machines may be used with programs written in accordance with 
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teachings of the invention, or it may be more convenient to construct a specialized 
apparatus or system to perform the required methods and techniques. 

[093] The present invention also relates to computer readable media that 
include program instruction or program code for performing various computer- 
implemented operations based on the methods and processes of the invention.' The media 
and program instructions may be those specially designed and constructed for the 
purposes of the invention, or they may be of the kind well-known and available to those 
having skill in the computer software arts. The media may take many forms including, 
but not limited to, non-volatile media, volatile media, and transmission media. Non- 
volatile media includes, for example, optical or magnetic disks. Volatile media includes, 
for example, dynamic memory. Transmission media includes, for example, coaxial 
cables, copper wire, and fiber optics. Transmission media can also take the form of 
acoustic or light waves, such as those generated during radio-wave and infra-red data 
communications. Examples of program instructions include both machine code, such as 
produced by compiler, and files containing a high level code that can be executed by the 
computer using an interpreter. 

[094] Furthermore, it will be apparent to those skilled in the art that various 
modifications and variations can be made in the system and method of the present 
invention and in construction of this invention without departing from the scope or spirit 
of the invention. For example, in one embodiment, the customer may establish an 
account with registration system 104 and obtain an account number from the registration 
system 104. Upon receiving the account number, the customer may visit a merchant's 
web site and select the products that the customer wants to purchase. After selecting the 
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products, the customer may provide to the merchant the account number and financial 



package, the shipper may retrieve the customer's name and address from registration 
system 1 04 by using the account number on the label, apply a new label that contains the 
customer's name and address to the package, and ship the package to the customer. 
[095] In another embodiment, the shipper may perform the functions of a 



methods consistent with the present invention to purchase a service also. 

[096] Moreover, other embodiments of the invention will be apparent to those 
skilled in the art from consideration of the specification and practice of the invention 
disclosed herein. It is intended that the specification and examples be considered as 
exemplary only, with a true scope and spirit of the invention being indicated by the 
following claims. 



information (e.g., credit card number and expiration date). The merchant may charge the 
customer's credit card for the amount of the purchase and send the package to a shipper 
with a label that contains the customer's account number on it Upon receiving the 



payment company. In still another embodiment, a customer may use systems and 
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WHAT IS CLAIMED IS: 

1 . A method for sending a package to a customer at a physical address via a 
shipper while preserving customer privacy, comprising: 

receiving an order from the customer, the order including a unique identifier 
corresponding to the customer; 

sending the package to the shipper in fulfillment of the order, the package 
including the identifier; 

deriving the physical address from the identifier; and 

delivering the package from the shipper to the customer at the physical address. 

2. The method of claim 1, further comprising: 

assigning an electronic account number to the customer using a registration 

system. 

3. The method of claim 2, wherein the electronic account number is the identifier. 

4. The method of claim 1, wherein the identifier comprises a random number. 

5. The method of claim 1, wherein the identifier comprises a bar code. 

6. The method of claim 1, further comprising: 

sending a request to a payment company to charge the customer for the order; and 
charging a financial account of the customer for the order. 
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7. The method of claim 1, further comprising labeling the package with a label 
that contains the physical address of the customer. 



8. The method of claim 7, wherein the labeling stage occurs at one of a delivery 
unit, a business mail entry unit, a plant, a computer forwarding service unit, or a third 
party relabeler. 



9. A method of sending a package to a customer while preserving customer 
privacy using a system that includes a merchant computer, shipping computer, and 
payment computer, comprising: 

receiving, at the merchant computer, a purchase request for a product; 

sending, to the payment computer, an electronic token corresponding to a 
customer account and a purchase amount corresponding to the purchase request; 

sending, to the shipping computer, a validation request to verify the electronic 

token; 

verifying, at the shipping computer, the electronic token; 

converting, after verification, the electronic token into shipping label information, 
wherein the shipping label information identifies neither a name nor a physical address of 
the customer; 

sending, to the merchant computer, the shipping label information; 
printing, at the merchant computer, a first label with the shipping label 
information; 

affixing the first label to the package containing the product; 
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sending the package to a shipper, 



retrieving the name and the physical address of the customer using the shipping 



label information; and 

delivering the package to the customer. 

10. The method of claim 9, further comprising affixing a second label on the 
package, the second label including at least one of the name and the physical address of 
the customer. 

1 1 . The method of claim 1 0, wherein delivering the package to the customer 
includes delivering the package to the physical address of the customer. 

12. The method of claim 9, further comprising sending a notification to the 
customer at the physical address, the notification informing the customer of the package 
and specifying the location of the package. 

13. The method of claim 12, wherein the delivering the package to the customer 
is performed by a call depot at the location identified by the notification. 

14. The method of claim 12, wherein the delivering the package to the customer 
is performed by a self-service machine at the location identified by the notification. 
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15. The method of claim 9, wherein the electronic token is an encrypted data 
structure, a random number, or an account number corresponding the customer. 

1 6. The method of claim 9, wherein the converting, after verification, the 
electronic token into shipping label information includes converting, at the shipping 
computer, the electronic token into the shipping label information. 

17. The method of claim 9, wherein the converting, after verification, the 
electronic token into shipping label information includes converting, at the payment 
computer, the electronic token into the shipping label information. 

1 8. The method of claim 9, wherein the shipping label information includes a re- 
labeling location information. 

19. A system for sending a package to a customer while preserving customer 
privacy, the system including: 

a merchant computer for selling a plurality of products to the customer; 

a client computer for selecting a product from the plurality of products; 

a payment computer for requesting shipping information of the customer, and 

a shipping computer for providing the shipping information of the customer, 
wherein the shipping information includes neither a name nor an address of the customer; 
and 
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wherein the merchant computer places the shipping information on the package 
containing the selected product 

20. The system of claim 19, further comprising a delivery computer for retrieving 
at least one of a name and a physical address of the customer using the shipping 
information and for placing at least one of the name and the physical address on the 
package. 



21. A computer-readable medium containing instructions for causing a computer 
to perform a method for sending a package to a customer at a physical address via a 
shipper while preserving customer privacy, the method comprising: 

generating shipping label information for a merchant, wherein the shipping label 
information includes neither a name nor the physical address of the customer; 

converting the shipping label information into the name and the address of the 
customer after a shipper receives a package from a merchant with the shipping label 
information; and 

providing the name and address of the customer to the shipper for delivery of the 
package to the customer 

22. A registration system including a database for sending a package to a 
customer while preserving customer privacy, comprising: 

means for receiving a registration request from the customer, the registration 
request including a name, a physical address, and a financial information of the customer; 
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means for creating an account for the customer in the database based on the 
registration request; and 

means for generating a unique identifier corresponding to the customer; 



of the customer using the unique identifier, and 

means for providing the name and the address of the customer to the shipper. 

23. The registration system of claim 22, further comprising: 

means for requesting a digital certificate from a digital certificate authority; and 
means for providing the digital certificate to the customer. 

24. The registration system of claim 22, wherein the unique identifier is a random 
number or a barcode. 



means for converting the unique identifier into the name and the physical address 
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